PT-2023-7221 · Unknown · Jumpserver

Justlovediaodiao

Published: 2023-09-27 · Updated: 2025-07-03

CVE-2023-42818

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
JumpServer versions prior to 3.5.6
JumpServer versions prior to 3.6.5

Description
The issue is related to the Koko SSH server in JumpServer, an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify possession of the corresponding SSH private key. An attacker could exploit this by using a disclosed public key to attempt brute-force authentication against the SSH service.

Recommendations
For versions prior to 3.5.6, upgrade to version 3.5.6 or later. For versions prior to 3.6.5, upgrade to version 3.6.5 or later. As a temporary workaround, consider disabling the use of public keys for authentication until a patch is available. Restrict access to the SSH service to minimize the risk of exploitation.
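To make the bug class in the description concrete (a server that accepts a registered public key on presentation alone, without checking the signature that proves possession of the private key), here is an added Go model of the weak check beside the corrected one. It is illustrative code written for this entry, not Koko's or JumpServer's own; the key pair, session challenge and account name are constructed sample data.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// AuthRequest models the SSH "publickey" method: the client presents a key and,
// to prove it holds the matching private key, a signature over session-bound data.
type AuthRequest struct {
	PubKey    ed25519.PublicKey
	Signature []byte // nil when the client merely presents the key
}

// authorized reports whether pub is one of the account's registered keys.
func authorized(registered []ed25519.PublicKey, pub ed25519.PublicKey) bool {
	for _, k := range registered {
		if k.Equal(pub) {
			return true
		}
	}
	return false
}

// vulnerableAuth mirrors the flaw described above: a registered key is accepted on
// presentation alone, so the signature (and thus the private key) is never checked.
func vulnerableAuth(registered []ed25519.PublicKey, req AuthRequest, _ []byte) bool {
	return authorized(registered, req.PubKey)
}

// fixedAuth accepts a registered key only if its signature over the challenge verifies.
func fixedAuth(registered []ed25519.PublicKey, req AuthRequest, challenge []byte) bool {
	return authorized(registered, req.PubKey) &&
		len(req.Signature) > 0 && ed25519.Verify(req.PubKey, challenge, req.Signature)
}
// Outcome records both checks for an impostor (public key only) and the real owner.
type Outcome struct{ ImpostorVuln, ImpostorFixed, OwnerVuln, OwnerFixed bool }
// RunScenario generates a key pair (constructed sample data) and evaluates both clients.
func RunScenario() Outcome {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	registered := []ed25519.PublicKey{pub}
	challenge := []byte("session-id-0123|alice") // stands in for the SSH session ID
	impostor := AuthRequest{PubKey: pub}         // holds only the disclosed public key
	owner := AuthRequest{PubKey: pub, Signature: ed25519.Sign(priv, challenge)}
	return Outcome{vulnerableAuth(registered, impostor, challenge), fixedAuth(registered, impostor, challenge),
		vulnerableAuth(registered, owner, challenge), fixedAuth(registered, owner, challenge)}
}

func main() { fmt.Printf("%+v\n", RunScenario()) }
```

The weak check lets a client that knows only the public key through, while the corrected check admits only the key holder who can sign the session challenge.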

Weakness Enumeration

Improper Restriction of Excessive Authentication Attempts
Improper Authentication

Related Identifiers

BDU:2023-08249
CVE-2023-42818
GHSA-JV3C-27CV-W8JV
GO-2025-3570
OPENSUSE-SU-2025:15225-1

Affected Products

Jumpserver